Rodauth 2.36.0 Released #433
jeremyevans
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Rodauth 2.36.0 has been released!
New Features
An otp_unlock feature has been added, allowing a user to unlock
TOTP authentication with 3 consecutive successful TOTP
authentications. Previously, once TOTP authentication was locked
out, there was no way for the user to unlock it.
Any unsuccessful TOTP authentication during the unlock process
prevents unlocks attempts for a configurable amount of time (15
minutes by default). By default, this limits brute force attempts
to unlock TOTP authentication to less than 10^2 per day, with the
odds of a successful unlock in each attempt being 1 in 10^18.
An otp_lockout_email feature has been added for emailing the user
when their TOTP authentication has been locked out or unlocked, and
when there has been a failed unlock attempt.
An otp_modify_email feature has been added for emailing the user
when TOTP authentication has been setup or disabled for their
account.
A webauthn_modify_email feature has been added for emailing the
user when a WebAuthn authenticator has been added or removed from
their account.
An account_from_id configuration method has been added for loading
the account with the given account id.
A strftime_format configuration method has been added for
configuring how Time values are formatted for display to the user.
Improvements
plugin.
Thanks,
Jeremy
Beta Was this translation helpful? Give feedback.
All reactions